When a devastating earthquake struck north central Venezuela last week, rescue teams were not the only ones who mobilised fast. So did domain registrars.
Researchers at threat intelligence firm WhoisXML API say that they uncovered 212 newly-registered domains referencing the earthquake, all of which had been filed within five days of the disaster.
To put that in context, in the three days before the quake, the company found a grand total of zero matching domains. The disaster struck and on the very same day, registrations began, peaking the following day (25 June) with 105 domains filed in those 24 hours alone, before tapering off over the following three days.
Many of the names of the registered domains look reassuringly helpful: 110 reference aid or donations, 52 use “SOS” or rescue-related wording, 56 mention earthquakes or seismic activity, and 12 refer to missing or affected people.
Meanwhile others promise medical help, listings for shelter, maps, or tracking services.
Now, some of those 212 new earthquake-related domains will no doubt belong to genuine charities and volunteers offering to help with the country’s recovery. But, according to researchers, 93% of the domains exposed no individual registrant contact, with those details hidden behind privacy services or simply left blank.
Suspiciously, some of the newly-live websites are already soliciting Bitcoin donations with no verifiable proof that donations will reach victims, according to researcher Alexandre François.
Regular readers of Hot for Security are well aware that disaster-chasing scammers are nothing new, with the pattern recurring for years.
For instance, Hurricane Harvey in 2017 brought such a concerning wave of phishing campaigns and fake charity activity that the FTC issued a direct warning, urging donors to properly vet charities before offering money, and to be wary of any “charity” born overnight.
Scammers played the same trick during the COVID-19 pandemic impersonating UN compensation schemes and recruiting unsuspecting “remote workers” to launder stolen donation money through Bitcoin ATMs.
Even years after a natural disaster scammers can still exploit human misery. That happened a few years after the Japanese tsunami of 2011 when fraudsters attempted “Nigerian Prince”-style scams claiming that dead businessmen had left unclaimed millions.
It’s not a new trick, and it doesn’t have to be. And that’s because exploitation of a major news event – whether it be a natural disaster of otherwise – can be a successful lure for criminals to deploy when defrauding the unwary out of their savings. And when a natural disaster creates an urgent need for response, it is all the easier for cybercriminals to exploit it.
If you want to donate safely for a good cause, type in the URL of a charity that you already know and trust, rather than clicking on links from social media or unsolicited emails.
In addition, you should be suspicious of brand new websites, especially those registered in the days immediately following a disaster, and avoid sites that request cryptocurrency-only donations. Legitimate charities will offer traceable, conventional payment methods and be transparent about where the funds will go.
Generosity after a disaster deserves to benefit the people who need it most, not disappear into the cryptocurrency wallet of a fraudster.
Source link
About the Author
Discover more from Reelpedia
Subscribe to get the latest posts sent to your email.
